CVE-2021-40732

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-40732

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-40732.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-40732

Downstream

DEBIAN-CVE-2021-40732

DLA-3585-1

DLA-4264-1

OESA-2023-1690

OESA-2023-1691

UBUNTU-CVE-2021-40732

USN-5483-1

Related

MGASA-2022-0236

Published

2021-10-13T17:15:07Z

Modified

2025-09-19T13:13:56.371841Z

Summary

[none]

Details

XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.

References

Affected packages

Git / github.com/adobe/xmp-toolkit-sdk

Affected ranges

Type: GIT
Repo: https://github.com/adobe/xmp-toolkit-sdk
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

42eb5267d1ffc1d22066438599a9e2dec020d9ca

Affected versions

v2020.*

v2020.1